<?php
	//修改用户密码接口-set_password.php
	//http://42.121.57.193:7788/platform/set_password.php?phone=15507558558&oldpassword=123456&newpassword=111111

	include_once "init.php";

	$phone			= $_GET["phone"];
	$old_password 		= $_GET["oldpassword"];
	$new_password		= $_GET["newpassword"];

	if(''==$phone)
	{
		die("-1|手机号码不可以为空");
	}
	if(''==$old_password)
	{
		die("-1|原密码不可以为空");
	}
	if(''==$new_password)
	{
		die("-1|新密码不可以为空");
	}
	if (strlen($phone) != 11 || false==is_numeric($phone) || ord($phone)!=49)
	{
		die("-1|手机号码必须是11位数字，并且以1开头");
	}
	if (strlen($old_password) < 6 || strlen($old_password) > 16)
	{
		die("-1|原密码长度不正确");
	}
	if (strlen($new_password) < 6 || strlen($new_password) > 16)
	{
		die("-1|新密码长度不正确");
	}

	if (ctype_alnum($old_password) == false)
	{
		die("-1|原密码必须是数字或者字母组成");
	}
	if (ctype_alnum($new_password) == false )
	{
		die("-1|新密码必须是数字或者字母组成");
	}
	if($old_password == $new_password)
	{
		die("1|新密码和原密码重复");
	}

	$con    = db_connect(DB_NAME);
	//先获取配置信息，查看号码是否存在
	$res = mysql_query("SELECT phone FROM user where phone='$phone'") or die("-1|查询数据库失败");
	$row = mysql_fetch_row($res);

	if (empty($row))
	{
		mysql_close($con);
		die("-1|手机号码未注册");
	}

	$res2 = mysql_query("SELECT phone FROM user where phone='$phone' and password='$old_password'") or die("-1|查询数据库失败");
	$row2 = mysql_fetch_row($res2);

	if (empty($row2))
	{
		mysql_close($con);
		die("-1|原密码输入错误");
	}
	//更新操作
	$res = mysql_query("UPDATE user SET password='$new_password' where phone='$phone'") or die("-1|查询数据库失败");
	mysql_close($con);
	if ( $res === false )
	{
		
		die("-1|设置新密码失败");
	}
	else
	{
		echo '0|';
	}
?>